While statistics put Internet Explorer clearly ahead as the most widely used web browser, it’s clear to many people that it is not due to the excellent programming. Subject to more than one official inquiry in Europe, and numerous columns, both online and in print, the practice of “˜bundling’ the infamous browser with the every copy of the operating system represents the primary reason behind its crushing dominance.

Alternative web browsers are aplenty and have a low barrier of entry even for less technically savvy computer users, but people are generally not keen to change their habits or spending time researching, downloading and installing another application – especially when the one that comes preloaded appears to be working just fine.

1. Firefox is not perfect software, but its vulnerabilities are fixed in a considerably shorter amount of time. Many new users are curious – is Mozilla Firefox safe? Updates are released immediately, not on a monthly schedule, and clock in at fewer than 10 MB. Users are notified automatically and prompted to install the update with a single click. The update process doesn’t take more than a minute on a modern computer.

2. Since Firefox is open source, anyone can look at the source code, anyone can spot a problem and contribute a fix. Would you leave your car keys with a guy that says “trust me” or at a car lot with video surveillance and a logbook?

3. ActiveX applets, the way IE extends the functionality of the browser, are a known highway for malware and viruses. Firefox works with verified and signed add-ons. Even if you choose to install a malicious add-on – and the browser warns you – the damage is limited to the information in the browser whereas ActiveX exploits could be used to take over the whole computer.

4. Conscious users can install NoScript, an add-on that takes care of vulnerabilities that are not yet patched, either in Firefox or other plug-ins such as Java, JavaScript and Adobe’s Flash. It achieves this goal by allowing the user to selectively enable interactive objects that the user decides to trust, automatically blocking the rest.

5. Security through obscurity; malicious programmers will always target the browser with the largest user base, especially if that user base is less tech savvy.

6. Firefox uses a service provided by Google that notifies the user before entering a potentially malicious web site. These websites ask for your financial data under false pretenses or contain malicious software often posing as something useful such as codecs or registry fixes.

We check the radiator on the car when the temperature indicator turns red; by the time the computer starts acting up or not starting at all, and by all chances appearing to work just fine, your documents, passwords and financial data might already siphoned half a world away. Most people don’t realize this, there are no clear warnings, but using Internet Explorer is in itself a security threat.

This is not news, yet there are people unaware of the danger posed. Washington Post’s Brian Krebs reports on the Security Fix blog “Internet Explorer Unsafe for 284 Days in 2006″. Even a fully patched and up-to-date version of IE 6 contains at least 22 discovered vulnerabilities; IE 7 stands at 9 and IE 8 at 2. By comparison, the latest version of Firefox (3.5.1), a free and open source browser, has zero un-patched vulnerabilities; the previous version (3.0.x) also stands at zero.

As always, you’re welcome to leave a comment below. Is Mozilla Firefox much more safe compared to IE? You might also want to check out some MakeUseOf posts on security, browsers in general.

I used the mozilla firefox pc it is most different to internet explorer it is provided the best internet speed and it downloads and uploads time are so low so that why it is batter to internet explorer.

I also used this mozilla firefox pc it is best for internet explorer because it is provided the best internet speed to an internet browser and it downloading speed are very high according to the internet.

Probably in 2009 was safer. Now they launch automatic updates that disable vital security plugins like noscript. We had to clean more than a dozen computer in our company because of that. Don't know who makes this idiotic decisions but he can surely use a lower responsibility position.

Give microsoft credit...for still not being up to par with their browser or OS after 20 years....
WAIT they do do major improvements, pretty icons, new splash screens, daily updates that are "critical". Never time to do it right but always time to fix it....

Improvement is always good, but some 'improvements' do nothing but create more headaches. Is IE8 only 100% W3 compliant or do they still use their own brands of implementation (MS Java remember that and the law suits).

I have to use IE at work...the online app was designed for IE instead of being designed for browsers.

You've got valid points there, but I don't think Firefox is THAT safer than IE 7/8 at the end of the day. The browser competition has got so intense these days that most browsers simply don't differ that much in these "background" issues like safety, web standards, and stuff.
I use Firefox because I like it's features, and extensiblity, and the open source code, not because it's safer than IE or Chrome or Opera. I wouldn't give a damn about it's security if it hadn't all those features it has got today.

2) Yes, having lots of people look at the source is good. However, open source is inherently less secure in one regard: it is easier to analyze the source to find exploits. This allows more intentional and surgical complex exploits whereas close source exploits are more closed related to hitting the application with a keyboard like an angry monkey until something happens.

That being said, it is much easier for an open source community to be responsive to vulnerabilities as they are discovered.

The security of an open source project is directly dependent on the community of users. It is unequivocally WRONG to say that a project is more secure just because it is open source. That is, of course, unless you can quantitatively show that the community in question is better able to detect, repair, and distribute fixes more readily than their closed source brethren.

However, ActiveX applets can be signed as well. I wish that Firefox allowed the extensions to interact with the filesystem. ActiveX is a selling point, for me as a developer.

4) If you are that worried about script exploits, you can turn off the same things in IE.

In general, as a developer, I hate NoScript. At a minimal level, most sites track visits and usage patterns (e.g. where users come from for SEO purposes, etc). Disabling that ability can seriously mess with the data.

5) That reason is a painfully illogical. It is saying: "You should try it! It's safe as long as there are not too many people using it!"

They are betting security on the fact that they are unsuccessful in attracting more people.

I hate this "reason" more than any others, because it just does not make sense. It is often used to try to lure people to Apple/Linux. The fact that people accept it shows that they are not thinking more than two moves ahead (to sayâ€¦ "Wait, what happens when the majority of people accept this reason and start using X product?").

6) Yes. This is true, but stupid and wrong if you look into it at all.

IE performed the same (IE & FFX blocked 80% of phishing sites) or better (FFX: 27%, IE: 81% of "socially engineered malware sites") in an independent trial of browser protection.

Firefox would be nothing without the addons. Firefox owes it popularity to numerous developers around the globe. If all those developers someday decide to stop working for FF and go for IE6 (i know it wont happen though), I would be the first one to dump FF and embrace IE.

My comment is off topic, but its what I always say (or think of) when i read any article about Firefox.

"enough of a user base" means ENOUGH to be targeted. But when you have like 90% of the corporate base, it is difficult NOT to be targeted. So, it's true, attacks are less common on Firefox.
Still, we have to give Microsoft something on the effort they put into IE 8:
Internet Explorer 7 and 8 rank much higher on detecting malicious websites, as proven by recent tests.
ActiveX is exploited a LOT more than Firefox extensions. But there is nothing too secure about this extensions, either, and while having them in one single website grants security of the ones in that webpage, just like a user would install an ActiveX if a 3rd party webpage said it was required to run, so would a user install a Firefox extension. Again, ActiveX is exploited a lot more, I'll give you that.
The fact that Firefox is open source doesn't mean a lot. You aren't handing your car keys ONLY to the guy with the video surveillance camera. You are also handing it to the "Trust me" guy AND to the obvious thief.
Finally, while patching the vulnerabilities is good, means you are keeping your software stable and secure, it also means that before much of the patching started, you had an unstable and insecure software.

I wouldn't depend on that. Firefox has enough of a user base to be targeted...and it's STILL safer than any version of IE.

> millions of machines without a valid license which cannot access updates

If you're smart enough to install an "invalid" version of XP or Vista, you're smart enough to get updates without WGA (or patch it). More important is that Microsoft won't let IE7/8 install on Windows 2000...which many corporations are still using.

I prefer YesScript to Noscript, by the way...I blacklist the sites I don't want to allow JavaScript (and why would I ever go back to one of them?) if I need to.

Back in 2007 I started a tech blog on Google's Blogspot platform. After writing a few articles that got popular I focused on improving my writing and researching topics the were popular with IT people.